
Fix code scanning alert - Clear-text logging of sensitive information

Open kevinkim9264 opened this issue 3 years ago • 0 comments

The migrate script also exports and imports Databricks secret scope object data, which includes "secrets" in base64-encoded format. The script dumps it to the local storage file (just like any other object type data). If the storage is accessible by multiple users somehow (e.g. using a shared compute machine to run this script without proper ACLs on the machine), then the secret data is also exposable to those users.

We should fix it by encryption and decryption, but it is also not trivial because the encryption key itself has to be stored outside the machine. We can make the script take the encryption/decryption key as part of the parameter, where the user has to make sure to store the key securely.

Tracking issue for:

  • [ ] https://github.com/databrickslabs/migrate/security/code-scanning/9

kevinkim9264 Mar 29 '22 17:03
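One way to implement the proposed fix, as an added example that is not the migrate project's own code: the user passes a 32-byte key as a 64-character hex parameter and keeps it off the export host, each secret value is sealed with AES-256-GCM before it reaches the local dump, and the scope and secret names are bound as additional data so a record cannot be moved to another scope without detection. The `SealSecret`/`OpenSecret` functions and the `scope` + `name` binding are assumptions of this example, not the script's real dump format.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/hex"
	"errors"
)

// aeadFromHex builds AES-256-GCM from the hex key passed as a CLI parameter.
func aeadFromHex(keyHex string) (cipher.AEAD, error) {
	key, err := hex.DecodeString(keyHex)
	if err != nil || len(key) != 32 {
		return nil, errors.New("key must be 64 hex characters (32 bytes)")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// SealSecret encrypts one exported secret value before it is written to the
// local dump. Scope and secret name are bound as additional data, so the
// ciphertext cannot later be swapped into a different scope/key undetected.
// Output is nonce || ciphertext || tag, ready to be base64-encoded into the file.
func SealSecret(keyHex, scope, name string, value []byte) ([]byte, error) {
	aead, err := aeadFromHex(keyHex)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, value, []byte(scope+"\x00"+name)), nil
}

// OpenSecret reverses SealSecret at import time. A wrong key, a flipped bit,
// or a record moved to another scope/name fails authentication.
func OpenSecret(keyHex, scope, name string, sealed []byte) ([]byte, error) {
	aead, err := aeadFromHex(keyHex)
	if err != nil {
		return nil, err
	}
	ns := aead.NonceSize()
	if len(sealed) < ns {
		return nil, errors.New("ciphertext too short")
	}
	return aead.Open(nil, sealed[:ns], sealed[ns:], []byte(scope+"\x00"+name))
}
```

The dump then holds only sealed values, so a reader of the shared file system without the key learns nothing, and a record copied between scopes fails on import instead of being silently accepted.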